as promised before, we posted the initial update to our Security Workbook VOL1 matching new new CCIE Security v3.0 blueprint. It covers the “ASA Firewall” section of the lab exam blueprint and contains 50 technology focused mini-scenarios. All customers with active subscription to the existing version of IEWB-SC VOL1 should see the new material under their members site accounts. The new content has been rewritten from scratch, with the task wording changed along with breakdowns, comments and explanatins added. You will see the mini-labs presented in “challenging” format, matching our new philosophy for the updated line of CCIE products. Of course, there are new scenarios covering the updated CCIE Security lab blueprint. If you are wondering why we jumped from version 3.2 to v5.0, there are few good reasons. Firstly, it symbolizes the unified design philosophy of our RS and SC products as the most recent version of RS products is v5.0. Secondly, you should remember how they jumped to IPv6 from IPv4. We thought that’s a good idea too. And last, but not least – Cisco did the same trick to their line of unified communication products!

Finally, Here is the list of topics covered in this update. The highlighted topics correspond to the completely new scenarios added to the section. Notice however, that all other tasks have been completely updated as well! Happy studying!

About Petr Lapukhov, 4xCCIE/CCDE:

Petr Lapukhov's career in IT begain in 1988 with a focus on computer programming, and progressed into networking with his first exposure to Novell NetWare in 1991. Initially involved with Kazan State University's campus network support and UNIX system administration, he went through the path of becoming a networking consultant, taking part in many network deployment projects. Petr currently has over 12 years of experience working in the Cisco networking field, and is the only person in the world to have obtained four CCIEs in under two years, passing each on his first attempt. Petr is an exceptional case in that he has been working with all of the technologies covered in his four CCIE tracks (R&S, Security, SP, and Voice) on a daily basis for many years. When not actively teaching classes, developing self-paced products, studying for the CCDE Practical & the CCIE Storage Lab Exam, and completing his PhD in Applied Mathematics.

“Beta” simply means we keep updating the content and fixing any bugs/typos that could possibly be there. For example, there might be one or two more labs added to the ASA section. We think adding small updates in shorter period of time is better than keeping content up to the moment till “everything is done”. Of course, there are going to be more sections added with time, including IOS Firewall, VPN, IPS, Identity Management and so on.

We schedule to deliver the next VOL1 update (“IOS Firewall”) on approximately 2nd-3rd week of April. Additionally, VOL2 updates are to be delivered in parallel with VOL1, starting 2nd week of April – one or two labs every week. More VOL1 sections are to be posted in May (VPN and Identity Management) with IPS and Advanced Security labs delivered in June. We plan to finish with all updates (both VOL1 and VOL2) by late June/early July.

The content management engine displays the latest modification time next to every workbook file. In addition to that, we are going to configure the engine so that every time a new update is posted, you receive an e-mail notification.

I click the link (ASA firewall (BETA)) and it stalls out after 30 seconds. There is a popup that comes up (pushfile.php from members.internetworkexpert.com) and then it shows an error (in IE – the requested site is either unavailable or cannot be found.

This also occurs on the hardware specs link located just above the ASA Firewall (BETA) link.

Petr, can you explain how can i use Modular policy framework effectively?
I am confused with class-map, class-map type, policy-map and policy-map type! If you can, it would be immense!
Заранее спасибо! Привет из Украины!

Hey Peter… I’ve been walking through this new section you posted specifically on ASA Firewall. I noticed a typo while walking through section 1.44 in the solutions. You have “ip route 136.1.200.100 255.255.255.255 136.1.100.3″ on R3, but it should be “ip route 136.1.200.100 255.255.255.255 136.1.100.4″ given that .3 is R3′s own address. I wasn’t sure where to post this, thus thought this was the most appropriate place. On another note, from the labs I’ve walked through this is very good/thorough… I especially like the notes in the solutions section as it discusses ‘gotchas’ and why you chose to use the solution you chose.

Note: I’ll post this in the ‘technical forum’ for CCIE Security too just to advise anyone else that walks through the labs as I have.

May I have two advice regarding the structure of Security volume I Workbook:
1).Why not move IOS firewall section that currently under VPN part to ASA Firewall Section?
2).Have you missed the Advanced firewall topic that planed to place under PIX/ASA Firewall part?

Sorry,my second advice should be: Maybe there still some other material that could be in the Advanced firewall topic.(Compared with the outline you mentioned in previous blogs)
I’ve always been very appreciated by your excellent workbook.

Leave a Reply

Currently you have JavaScript disabled. In order to post comments, please make sure JavaScript and Cookies are enabled, and reload the page.Click here for instructions on how to enable JavaScript in your browser.